package com.qg.controller.admin;

import com.qg.entity.Result;
import com.qg.entity.User;
import com.qg.service.UserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

/**
 * @auther lcy
 * @date 2018/9/28
 */
/*@Controller*/
public class LoginController1 {

    @Autowired
    private UserService userService;
    /**
     * 登录
     *
     * @param username
     * @param password
     * @return
     */
    @RequestMapping("/login1")
    public String login1(@RequestParam("username") String username, @RequestParam("password") String password) {
        User user = userService.findByName(username);
        ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        HttpServletRequest request = attributes.getRequest();
        HttpSession session = request.getSession();
        if (user != null) {
            if (user.getPassword().equals(password)) {
                // 1、获取Subject实例对象
                Subject currentUser = SecurityUtils.getSubject();
                // 2、判断当前用户是否登录
                if (currentUser.isAuthenticated() == false) {
                    // 3、将用户名和密码封装到UsernamePasswordToken
                    UsernamePasswordToken token = new UsernamePasswordToken(username, password);

                    // 4、认证
                    try {
                        currentUser.login(token);// 传到MyAuthorizingRealm类中的方法进行认证
                        /*Session session = currentUser.getSession();
                        session.setAttribute("username", username);*/
                        session.setAttribute("username", username);
                        session.setAttribute("result",new Result(true, user.getUsername()));
                        //返回验证的成功信息
                        return "home/index";
                    } catch (AuthenticationException e) {
                        throw new RuntimeException("密码或用户名错误");
                    }
                }
            }
        }
        session.setAttribute("result",new Result(false, "登录失败"));
        //返回验证的错误信息
        return "home/login";
    }



    /**
     * 注册
     *
     * @param username
     * @param password
     * @return
     */
  /*  @ResponseBody
    @RequestMapping("/register")
    public Result register(@RequestParam("username") String username, @RequestParam("password") String password) {
        try {
            userService.create(new User(username, password));
            ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
            //将登陆用户信息存入到session域对象中
            attributes.getRequest().getSession().setAttribute("user", new User(username, password));
            return new Result(true, username);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return new Result(false, "发生未知错误");
    }*/

}
